How TO Make BASIC CAPTCHA in PHP

siLenTz · #1 (**permalink**) 07-11-2007, 10:34 PM

CAPTCHA is stand Completely Automated Public Turing test to tell Computers
and Humans Apart. Have you ever register for Yahoo email account and
Yahoo required you to type any letters that contains in image. It is call
CAPTCHA. This method is for prevent or reduce the attacker. In this tutorial,
I will explain you how to make a very basuc CAPTCHA.

Requirement:
- PHP 4+ (not sure if it is work in PHP3)
- GD library
__________________________________________________ _____

STEP 1: Generate String
The very first step is to generate the randomly 5 letters string. It is up to
you to determine how many letters string you want, but I choose 5 letters.

PHP Code:

      $string = md5(microtime() * mktime());
    $string = substr($string, 0, 5);

I used microtime and mktime to generate a random number and encrypted
with md5 function. mn5 will generate 32 characters string and we substr
to cut 5 letters from the encrypted string.
__________________________________________________ _____

STEP 2: Generate Image
Now we got random string in our hand. Let make it into image. First I create
one background image (you can make it in photoshop or any program):

(back.jpg)

PHP Code:

      $im = imagecreatefromjpeg('back.jpg');

imagecreatefromjpeg is function to create the image by loading from exist
jpeg image file. Now we got background in our image. Let print some
strings out.

PHP Code:

      $white_color = imagecolorallocate($im, 255, 255, 255);
    imagestring($im, 5, 25, 7, $string, $white_color);

imagecolorallocate took 4 arguments, the first one is the resource of image
and the last 3 arguments are RED, GREEN, BLUE which each arguments
is range from 0 to 255. Basically, if RED=255, GREEN=0, BLUE=0 mean it is
RED color. Another example: if RED=255, GREEN=255, BLUE=0 then the color
is Yellow. We use imagecolorallocate to create white colour. imagestring
is function to print the string out into the image. imagestring took 6
arguments. imagestring(image, fonts, x-possition, y-possition, string to
print, color of the string). There are 5 fonts are build in. x and y position
are string position in the image: here it is how x and y work:

PHP Code:

      for($i = 0; $i < 5; $i++) {
        imageline($im, rand(0, 100),rand(0, 20), rand(50, 100), rand(50, 100), $white_color); 
    }

Now we draw 5 lines to make our image is difficult for robot to read through
imageline took 6 arguments. imageline(image, x1, y1, x2, y2, colour).
x1 and y1 is starting position and x2 and y2 is ending position. Here
it is how it position work:

PHP Code:

      imagejpeg($im, 'verify.jpg'); 
    imagedestroy($im);

Now we save the image as 'verify.jpg' and free image from memory. Now we
got nice image generated.
__________________________________________________ _____

STEP 3: Save it into SESSION

PHP Code:

      session_start();
    // our code in step 1 and step 2
    $_SESSION['vcode'] = md5($string);

Put session_start(); at the beginning of code and we use $_SESSION
to remember the string in our image. In this case I have encrypted the
string to make it more secure.
__________________________________________________ _____

STEP 4: Check For Correct Input
Now this the final step of how to CAPTCHA is to check if the users input
the right code we provided:

PHP Code:

  <form method="POST" action="">
    <img src="verify.jpg"><br>
    <input type="text" name="textcode">
    <input type="submit" value="Verify" name="submit">
</form>

First create the form with image and one textbox for users to input.
Here it is how we check if we got correct input or not:

PHP Code:

      if (isset($_POST['submit']) && 
        md5($_POST['textcode']) == $_SESSION['vcode']) {
        die ('Correct');
    } else {
        echo ('Incorrect');
    }

__________________________________________________ _____

That is all for my tutorial. It is very basic CAPTCHA application. If you want
source code? you can tell me to post it here.

TeraTask · #2 (**permalink**) 07-12-2007, 11:12 AM

Full source would be appreciated. I'll add to it when you post as I have a captcha setup that also uses sound on my own site. I believe it uses the same functions (which do work on PHP 5).

#3 (**permalink**) 07-12-2007, 05:05 PM

I believe there are already some free captcha scripts out there. No need to re-invent the wheel.
Anyway, it's always good to know how to do it. Thanks for the post.

HelloWorld · #4 (**permalink**) 07-12-2007, 06:46 PM

Quote:

Originally Posted by ablaye

I believe there are already some free captcha scripts out there. No need to re-invent the wheel.
Anyway, it's always good to know how to do it. Thanks for the post.

I think it's important if he created something that's better from the one that's been inveted

Well, it's just the matter of design and algorithm. There are many algorithm that does the same thing, but do they really do on the huge data? **That's what I'm learning right now, algorithm analysis** kind of boring but still have to go through it...

TeraTask · #5 (**permalink**) 07-12-2007, 07:14 PM

There are also many applications. What has really been demonstrated is how to create a graphic and overlay any text you want (with extraneous lines, if desired.) Every code snippet will have its use to someone and the different presentation may allow someone to "finally get it."

Lee · #6 (**permalink**) 07-12-2007, 07:14 PM

If you want to code things then theres no point just getting other peoples scripts, its better to make it your self and understand how its built up ablaye.

Thanks for tutorial

siLenTz · #7 (**permalink**) 07-12-2007, 08:26 PM

Full source:

PHP Code:

 
<html>
<head>
    <title>CAPTCHA</title>
</head>
<body>
<?php
    session_start();

    if (isset($_POST['submit']) && 
        md5($_POST['textcode']) == $_SESSION['vcode']) {
        die ('Correct');
    } else {
        echo ('Incorrect');
    }

    $string = md5(microtime() * mktime());
    $string = substr($string, 0, 5);

    $im = imagecreatefromjpeg('back.jpg');

    $white_color = imagecolorallocate($im, 255, 255, 255);

    imagestring($im, 5, 25, 7, $string, $white_color);

    for($i = 0; $i < 5; $i++) {
        imageline($im, rand(0, 100),rand(0, 20), rand(50, 100), rand(50, 100), $white_color); 
    }

    imagejpeg($im, 'verify.jpg'); 
    imagedestroy($im);

    $_SESSION['vcode'] = md5($string);
?>
<form method="POST" action="">
    <img src="verify.jpg"><br>
    <input type="text" name="textcode">
    <input type="submit" value="Verify" name="submit">
</form>
</body>
</html>

HelloWorld · #8 (**permalink**) 07-12-2007, 11:10 PM

Quote:

$white_color = imagecolorallocate($im, 255, 255, 255);

that line right is is pretty cool, is that mixing the colors?

I never knew that there's a language that done all of these already, but I think if they can break up the algorithm for imagecolorallocate(); then your CAPTCHA won't do much...

I think we should create it our own version for that

TeraTask · #9 (**permalink**) 07-12-2007, 11:32 PM

I recently read an ACM article which talked about CAPTCHA and it indicated that at all tweakings of the graphic, an automated script (not named by them in the article) did better than humans in reading the graphic. Now, reCAPTCHA: Stop Spam, Read Books is a slightly different take using graphics known to cause OCR progs problems.

HelloWorld · #10 (**permalink**) 07-13-2007, 12:01 AM

Quote:

I recently read an ACM article which talked about CAPTCHA and it indicated that at all tweakings of the graphic, an automated script (not named by them in the article) did better than humans in reading the graphic

I think this is kind of fake...? Is this even possible XD!!! The end of human era then..? lol...

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

The Following 3 Users Say Thank You to siLenTz For This Useful Post:
HelloWorld (07-12-2007), Lee (07-12-2007), rpgfan3233 (07-12-2007)